Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.

Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.

Mj2521372142

1.
Richa Purohit, Yogendra Singh, Dr. Upendra Mishra, Dr. Abhay Bansal / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue 5, September- October 2012, pp.2137-2142 Integrtation of Encryption and Hash Function for Improved Message Authenticity Richa Purohit (Arya), Yogendra Singh, Dr. Upendra Mishra, Dr. Abhay Bansal Amity School of Engineering. & Technology Amity University Rajasthan Jaipur, India Dy. Manager- IT, Au Financiers India Pvt. Ltd. Jaipur, India Amity School of Engineering. & Technology Amity University Rajasthan Jaipur, India Amity School of Engineering. & Technology Amity University Uttar Pradesh Noida, IndiaAbstract Hash function is an important tool for II. CLASSIFICATION OF HASH FUNCTIONSimplementing data and information integrity. For data origin authentication there is a special classPresently there are many integrity techniques, of hash functions that use a key. The hash functionsthat support hashing, but almost every technique without a key are used for data integrity.faces one or other attack or any other security or According to [2] a function used mainly to detectperformance related issue. The main problem is changes in the signed messages is calledthe possibility of creating forged hash value by modification detection code (MDC) orintruder, which may be transferred with the manipulation detection code, and less commonly aschanged message, and being received and message integrity code (MIC). MDC is a subclass ofaccepted by receiver. This paper discusses how to unkeyed hash functions.provide data origin authenticity along with data A one-way hash function (OWHF) is MDCintegrity by integrating symmetric key for which it is difficult to find an input which hashesencryption algorithm with a hash algorithm. to a prespecified hash-value.Hash functions provide data integrity, while A collision resistant hash function (CRHF) isencryption techniques provide source or origin characterized by difficulty in finding any two inputsauthenticity by using a shared secret key. In the having the same hash-value.paper the technique to combine both hash For data origin authentication purposefunction and encryption algorithm-DES is given message authentication codes (MAC) are used. Theso that, both features, data integrity and source purpose of a MAC is to facilitate, without the use ofauthentication, may be availed while any additional mechanisms, assurances regardingcommunicating message between sender and both the source of a message and its integrity.receiver on a network. MACs have two functionally distinct parameters, a message input and a secret key.Keywords: DES, hash function, MD5, MACs are keyed hash functions [2]. In case ofmessage authentication, message integrity MAC, the design intent is to be infeasible to produce the same output without knowledge of the key.I. INTRODUCTION Currently MD5 [3] and SHA-1 [4] are Hash functions are one of the fundamental widely used all over the world as estab;lished hashimportances in cryptographic protocols. They are functions. Both of these hash functions are derivedapplied in digital signatures, data integrity, time from MD4 [5]. Successful attacks have beenstamping, password verification, digital performed on MD4, so all hash functions that arewatermarking, group signature, e-vash and in many based upon its structure may also have commonother cryptographic protocols. weaknesses. Hash Functions take a block of data as In this paper, we will describe the designinput, and produce a hash or message digest as algorithm of cryptographic hash function along withoutput. The usual intent is that the hash can act as a the use of Data Encryption Standard (DES). Here,signature for the original data, without revealing its DES is an already proven symmetric encryptioncontents. Therefore, its important that the hash scheme that produces cipher text in 64 bit blockfunction be irreversible - not only should it be nearly taking 64 bit plain text as input. Merging ofimpossible to retrieve the original data, it must also encryption algorithm will provide additional facilitybe unfeasible to construct a data block that matches of source authentication and thus, will improvesome given hash value. A hash function takes a long stucture of hash function that supports messagestring (or message) of any length as input and integrity only. Here authentication means to provideproduces a fixed length string as output, sometimes a means to receiver for assurance that the message istermed a message digest or a digital fingerprint[1]. actually sent by original sender, not by some 2137 | P a g e

2.
Richa Purohit, Yogendra Singh, Dr. Upendra Mishra, Dr. Abhay Bansal / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue 5, September- October 2012, pp.2137-2142intruder, and at the same time the message is also a secret key, under a public key cryptosystem. MD5authenticated and original. The paper also discusses is currently a standard, Internet Engineering Taskthe working of MD5 and DES functions and there Force (IETF) Request for Comments (RFC) 1321.key features. Then it describes the proposed method According to the standard, it is "computationallyand analyzes its cost and potential applications. infeasible" that any two messages that have been input to the MD5 algorithm could have as the outputIII. PROPERTIES OF HASH ALGORITHM the same message digest, or that a false message Some of the properties of hash functions could be created through apprehension of the are due to the requirements in implementation. For message digest. MD5 is the third message digest instance, it is useful to have a hash function which is algorithm created by Rivest. All three (the others are easy to implement (easy to compute the hash of a MD2 and MD4) have similar structures, but MD2 message) on one side and on the other side it has to was optimized for 8-bit machines, in comparison be able to compress the information (the message). with the two later formulas, which are optimized for Other properties are driven from the cryptographic 32-bit machines. The MD5 algorithm is an environment requirements. As such we have three extension of MD4, which the critical review found properties[6]: to be fast, but possibly not absolutely secure. In * Preimage Resistance (one way function) – Given comparison, MD5 is not quite as fast as the MD4 a hash h it should be difficult to find any algorithm, but offers much more assurance of data message m such that h= hash(m). This concept security. is known as one-way function. Functions that lack Following are the steps involved in MD5 algorithm this property are vulnerable to preimage attacks. to create a digest value: * 2nd-Preimage Resistance (also known as collision 1. First of all the original message is padded with resistance) – Given an input m1, it should be 100…00 bits, so that the original message length ≡ difficult to find another input m2 where m1 ≠ m2 448 mod 512. such that hash(m1) = hash(m2). This property is 2. As next step, original message length (in 264 bit sometimes known as weak collision resistance, and representation) is appended to the output of previous functions that lack this property are vulnerable step. to second-preimage attacks. 3. After initialization of 128 bit MD buffer, the * Collision Resistance (also called strong collision message (output from previous stage) is processed resistance) – It should be difficult to find two in blocks of 512 bit each. Processing is done on different messages m1 and m2 such that hash(m1) = individual blocks, where, each step consists of 4 hash(m2). Such a pair is called a cryptographic individual rounds, and each round contains 16 steps, hash collision. This property is sometimes known thus total 64 steps. as strong collision resistance. It requires a hash 4. After processing each individual 512 bit block, value at least twice as long as that required for the output is taken in the 128 bit buffer, and this preimage-resistance, otherwise collisions may be buffer is used as current value in processing of next found by a birthday attack. 512 bit block. In such a way, after processing all These properties imply that a 512 bit blocks, the final output in buffer, obtained malicious adversary cannot replace or modify the by processing last block of message, is termed as input data without changing its digest. Thus, if two final message digest value of the whole message. strings have the same digest, one can be very So, If we have two distinct messages, M1 confident that they are identical. and M2, the difficulty of computing their digest, The one-way hash function is a hash such that MD5(M1) = MD5(M2), is in the order of function (i.e., offering ease of computation and 264 operations. Similarly, for a given a message compression) with the additional properties, as digest h, the difficulty of computing a message, M defined above: preimage resistance, 2nd-preimage such that MD5(M) = h, is on the order of 2128 resistance [7]. The collision resistant hash function operations. is a hash function characterized by 2nd-preimage An attack on MD5 was presented in 2005, resistance and collision resistance. using differential analysis, which allows finding In our solution, we will use MD5 collisions efficiently[8]. The same attack, applied on algorithms. The MD5 is a widely used algorithm to HAVAL-128, MD4, RIPEMD, and SHA-0 reduced verify data integrity through the creation of a 128- the number of operation for determining a second bit message digest from data input (which may be a message with the same hash. Even if the number of message of any arbitrary length) that is claimed to operations required for the attack is considerable, be as unique to that specific data as a fingerprint is such attacks are reducing the ideal number of to the specific individual. MD5, which was operations assumed to be required for breaking hash developed by Professor Ronald L. Rivest of MIT, is functions. Such findings motivated NIST to find intended for use with digital signature applications, new, resistant hash functions [9]. which require that large files must be compressed by a secure method before being encrypted with 2138 | P a g e

3.
Richa Purohit, Yogendra Singh, Dr. Upendra Mishra, Dr. Abhay Bansal / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue 5, September- October 2012, pp.2137-2142IV. PROPERTIES OF THE DES BLOCK CIPHER 2. Our hash function is also a wide pipe hah DES originated at IBM in 1977 and was function. Like other hash functions we will use anadopted by the U.S. Department of Defense. It is initial value and a variant of padding rule whichspecified in the ANSI X3.92 and X3.106 standards provides a dynamic hash.and in the Federal FIPS 46 and 81 standards. DES is Algorithm:a block cipher encryption algorithm i.e. it takes 1. Padding - Padding is done in following two steps-input in block and produces output also in block. a. Pad1:-In the first step, the given message isThe block size is specific for each algorithm. DES padded so that |M| < 264 . The padding is done by 1deals with 64 bit block [10]. Cryptographers say that followed by neccasray number of 0 bits:-a block cipher is secure if both C→E(P) and Pad1 (M) = M||1||0kP→D(C) are indistinguisable from a randomly b. Pad2:- (Append message length) In the secondselected permutation. This cascade construction step, the output of step (a) is padded with 64 bitextends the collosion resistance and pre-image binary representation of message length. i.e. pad2resistance[11], (here, C= Cipher text, E= Encryption (M) = M||1||0k||bin64 (|M|).algorithm, P= Plain text and D= Decryption 2. Generate intermediate hash- let M1|| M2|| ---||Mtalgorithm). DES is symmetric encryption technique, be the padded message and each Mi is a 512 bitthat is it uses similar key for both encryption and block of message. We initialize an MD buffer withdecryption algorithms. some predefined initial values, i.e. (S0, j0) = (SIV, 0). In processing, DES consists of two Now, we invoke a SHA-1 like compression functionpermutation operations with 16 identical rounds of C and produce a 128 bit intermediate hash value. 𝑀1operations in between. It uses a 64 bit long key, (S0, j0) (S1, j1)where 8 bits are reserved as parity bits (one bit for 3. Apply Symmetric Encryption Algorithm- Aftereach of the eight words in the key), thus effective getting intermediate digest value; we divide it intokey length is 56 bit. For each of the sixteen round a two blocks of 64 bit each. And apply symmetric key48 bit key is used, which is made up by permutation, encryption algoroithm on each block separately,combination, shifting and other operations which again gives us two individual blocks of 64performed on initial 56 bit key, and all 16 keys are bits as output.diferent each time. The performance of a block 4. Getting output of processing of a single block- thecipher is dependent on the cost of both the outputs of encryption on two 64 bit blocks areencryption routine and key setup.For bulk combined together (by simple append operation)encryption the cost of a single key setup is and one 128 bit block is formed. (After first block itamortized over the entire encryption session. is known as (S1, j1) and so on.) (Figure 1).However, when used as the basis for a hash 5. Output:- This new (Sn, jn) is used as input valuesfunction, the cost of the key schedule becomes a for IV for next 512 bit block of message forsignificant factor. Most modern ciphers, including processing. After processing all t blocks, the finalthe DES, tend to have a lightweight key (St, jt) is final hash value for initial message. (Figureschedule[12]. 2)V. PROPOSED SOLUTION One approach would be to try to buid thenew function based on existing techniques only. Forexample- we may concatenate the outputs of twodifferent hash functio techniques and treat thisconcatenated output as final digest. But for thissolution, both of the existing hash functions shouldbe independent of each other. One more method may include thetechniques to strengthen the existing hashalgorithms by inceasing the number of rounds,adding some coding or scrambling steps, increasingthe buffer size (so as to increasing the digest size),making the mixing step varing with the rounds[13].Our method involves combination of twoestablished techniques. Now, we describe our newlyproposed hash function based on MD5 and DES.The hash function has following properties- Figure 1:Intermediate processing of a single 5121. It produces a 128 bit digest value. {0,1} < 264 → bit block128 bit value. Here {0,1} < 264 denotes the set of allmessages whose length is at most 264-1 which isreasonable in all practical applications. 2139 | P a g e

4.
Richa Purohit, Yogendra Singh, Dr. Upendra Mishra, Dr. Abhay Bansal / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue 5, September- October 2012, pp.2137-2142 The proposed solution increases the present processing of a single block, as does not directly feeds the output of previos block as current value for next block, rather it first devides the 128 bit output into two 64 bit partitions, encrypts them using DES algorithms, and further uses the output after concatednation of both 6 bit cipher blocks as current value for next block. CV0=IV CVq= E (K,B1) || E (K,B2) Where,Figure 2:Final Procesing IV= Initialization value of MD buffer set by MD5 E= DES scheme Use of DES as an intermediate symmetric B1= Left 64 bits of output of MD5 digest valueencryption algorithm needs Key Distribution Center B2= Right 64 bits of output of MD5 digest value(KDC) [14], that will distribute the symmetric key K= DES key(or session key) to both parties- sender and receiverin encrypted form, using its own private key, so that Following diagram shows overall processing of theno other party in the network may gain access to the algorithm.key and the proposed solution is secure in thismanner. 2140 | P a g e

5.
Richa Purohit, Yogendra Singh, Dr. Upendra Mishra, Dr. Abhay Bansal / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 2, Issue 5, September- October 2012, pp.2137-2142 L*512 bits= N*32 bits K bits Message 1…..0000000 Message length (Padding bits) (k mod 2 64) 512 bits 512 bits 512 bits 512 bits Y0 Y1 Yq YL-1 128 bit H MD5 H MD5 H MD5 H MD5 128 bit 128 bit 128 bit 128 bit IV DES DES DES DES DES DES DES DES 128 bit 128 bit 128 bit 128 bit encrypted encrypted encrypted encrypted hash value hash value hash value hash value 128 bit 128 bit 128 bit 128 bit Final 128 bit message digest Figure 3: An illustrated view of processing of MD5 having DES in betweenVI. VII ANALYSIS OF PROPOSED METHOD adversary may need to perform at least 2196 trials One major drawback of using DES for a successful attack, that is equivalent to bothalgorithm while generating the hash is the attack on DES alone and attack on MD5 alone. Itcomparative slow speed of DES, which may says that the algorithm is stronger than MD5. Atultimately slow down the whole process. This is the same time the cost of proposed solution is alsobecause the usual DES Encryption algorithm more than simple MD5 as it combines twostreches the given 56-bit DES key into 48*16 bits algorithms. But one Still the analysis of the(16 rounds of operations, where each round uses performance of cryptographic algorithms is closelydifferent 48 bit key made up from initial 56 bit related to their security: high performanceDES key). One way to improve the rate of DES applications require an optimal trade-off betweenbased hash algorithm would be to skip the key- security and speed. [15]scheduling algorithm and feed 16*48 bits of inputtext directly as a key. This consuiderably increases The security of the proposed solution canthe rate of digest construction. Using the streched be split into a consideration of underlying blockoutput as the DES key would effectively allow us cipher and then of the compression function andto compress 512 bits per DES-call. chaining mode. The latter concerns are handled by the results of Damgård, Merkle, Black et al [16], The strength of the algorithm may taken and Biham and Dunkelman [17] so for reasons ofby considering brute force attack on it. Here, the 2141 | P a g e